KR20130055877A - Method, server, terminal and recording medium for serving authentication process - Google Patents

Abstract

PURPOSE: A server, a terminal, a record medium, and a method for providing a certification process are provided to prevent an online money loss of users which is caused by a hacking or ID embezzlement by increasing safety strength. CONSTITUTION: A certification screen provider(210) controls an output in a terminal about a certification screen on which a rotational body image is displayed. A rotational body image manipulation data receiver(220) receives rotational manipulation data from the terminal about the rotational body image which is generated according to a drag signal which is continuously recognized. A certification data generator(230) grasps the rotation record of the rotational body image and generates certification data based on the rotational manipulation data. A certification processor(240) performs a certification process about a service for providing to the terminal by using the certification data. A service providing controller(250) controls whether the service is provided or not according to the performed result of the certification process about the service for providing to the terminal. [Reference numerals] (210) Certification screen provider; (220) Rotational body image manipulation data receiver; (230) Certification data generator; (240) Certification processor; (250) Service providing controller

Description

METHOOD, SERVER, TERMINAL AND RECORDING MEDIUM FOR SERVING AUTHENTICATION PROCESS}

The present invention relates to a technique for providing authentication processing. More specifically, the present invention relates to a technology for securely inputting authentication information from a hacking program such as a keylog and a click screen shot, and performing authentication processing using the same.

Many online systems accept user accounts and passwords to verify legitimate users. User accounts and passwords consist of letters and numbers or a combination of these, and authentication is done by sending these information to the server.Increasing cases of hacking the user's input of letters or numbers and information transmitted from the user terminal to the server have. For example, there is a technique of intercepting information transmitted elsewhere by the information hacking method transmitted from the user terminal to the server, which is a traditional method. However, this method has been reduced by recent developments in encryption technologies.

More problematic are hacking techniques using keylogs, click screenshots, and click coordinates. Keylog is a hacking of the information of the character according to the key press event generated from the keyboard controller connected to the user's terminal. The user can reconfigure the letters or numbers input by the user using the keyboard as it is. Most likely. In order to avoid hacking using the keylog, methods of inputting a user account or password using a mouse controller connected to a user terminal have been developed.However, this method also has complete security due to hacking technology using click screenshots or click coordinates. Could not have.

For example, an authentication technique using a mouse pad allows a password to be selected by using a mouse coordinate and a click event on an input screen displayed on a display device of a user terminal, and authenticates a key press event unlike a traditional method using a keyboard. It can be safe from hacking using keylog because it is not related to the hacking method. Click screenshot is a technology that captures the screen when a mouse click event occurs, so that the password input screen can be reconfigured as it is, and thus a user account and password are likely to be exposed. In addition, the technology using the click coordinates is a technology that recognizes the coordinates of the mouse when a mouse click event occurs, and works similarly to the click screenshot to hack the user account and password.

Against this backdrop, it aims to prevent users from losing their online goods through hacking and identity theft by solving problems of the traditional user account system and providing a more secure account system.

In order to achieve the above object, in one aspect, the present invention provides a method for the server to provide an authentication process, comprising: providing an authentication screen for controlling the output from the terminal to the authentication screen on which the rotating body image is displayed; A rotating image manipulation information receiving step of receiving rotation manipulation information on the rotating body image generated according to a continuously recognized drag signal from the terminal; An authentication information generation step of identifying a rotation history of the rotating body image based on the rotation manipulation information and generating authentication information based on the identified rotation history; And an authentication processing step of performing an authentication process on a service for providing to the terminal by using the authentication information.

In another aspect, the present invention, the authentication screen providing unit for controlling the output from the terminal to the authentication screen on which the rotating body image is displayed; A rotating body image manipulation information receiving unit which receives rotational manipulation information on the rotating body image generated according to a continuously recognized drag signal from the terminal; An authentication information generation unit which grasps a rotation history of the rotating body image based on the rotation manipulation information and generates authentication information based on the identified rotation history; And an authentication processing unit which performs an authentication process for a service to be provided to the terminal using the authentication information.

In another aspect, the present invention provides a method for providing an authentication process, the terminal comprising: an authentication screen providing step of controlling to output an authentication screen displaying a rotating body image rotated according to a drag signal; An authentication information generation step of generating authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized; And an authentication processing step of performing authentication processing on a terminal internal function or a service provided from a server by using the authentication information.

In another aspect, the present invention, the authentication screen providing unit for controlling the output of the authentication screen displayed on the rotating body image rotated in accordance with the drag signal; An authentication information generation unit generating authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized; And an authentication processor configured to perform authentication processing on a terminal internal function or a service provided from a server by using the authentication information.

In another aspect, the present invention provides a recording medium on which a program for executing a method for providing an authentication process is recorded, comprising: an authentication screen providing function of controlling an output of an authentication screen displaying a rotating body image rotated according to a drag signal; An authentication information generation function for generating authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized; And a computer-readable recording medium having recorded thereon a program for implementing an authentication processing function for performing an authentication process for an internal function of a terminal or a service provided from a server by using the authentication information.

As described above, according to the present invention, by providing an account input system that is different from the conventional account input system, the security strength can be increased to prevent the loss of online goods of users through hacking and ID theft.

1 is a diagram illustrating a system for providing authentication processing according to an embodiment of the present invention.
2 is a block diagram of a server providing authentication processing according to an embodiment of the present invention.
3 is a diagram exemplarily illustrating an example of a rotating body image related to an authentication process and a user operation according to an embodiment of the present invention.
4 is a flowchart of a method for providing authentication processing according to an embodiment of the present invention.
5 is a view showing another example of a rotating body image related to the authentication process according to an embodiment of the present invention and the user operation according to it.
6 is another flowchart of a method for providing authentication processing according to an embodiment of the present invention.
7 is a block diagram of a terminal providing authentication processing according to another embodiment of the present invention.
8 is a flowchart of a method for providing authentication processing according to another embodiment of the present invention.

Hereinafter, some embodiments of the present invention will be described in detail with reference to exemplary drawings. In adding reference numerals to the components of each drawing, it should be noted that the same reference numerals are assigned to the same components as much as possible even though they are shown in different drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.

In addition, in describing the component of this invention, terms, such as 1st, 2nd, A, B, (a), (b), can be used. These terms are intended to distinguish the constituent elements from other constituent elements, and the terms do not limit the nature, order or order of the constituent elements. When a component is described as being "connected", "coupled", or "connected" to another component, the component may be directly connected to or connected to the other component, It should be understood that an element may be "connected," "coupled," or "connected."

1 is a diagram illustrating a system for providing authentication processing according to an embodiment of the present invention.

Referring to FIG. 1, the system 100 according to an embodiment of the present invention may include a server 110, a terminal 120, a network 130, and the like.

The terminal 120 may include a general PC such as a general desktop or a notebook, and may include a mobile terminal such as a smart phone, a tablet PC, a personal digital assistant (PDA) and a mobile communication terminal, but is not limited thereto. Rather, it should be broadly interpreted as any electronic device that can communicate with the server 110.

The server 110 has the same configuration as a conventional web server, a web application server, or a WAP server. However, as described in detail below, the software includes a program module which is implemented in any language such as C, C ++, Java, PHP, .Net, Python, Ruby, can do.

In addition, the server 110 may be connected to an unspecified number of clients (including the terminal 120) and / or other servers via the network 130 so that the server 110 can perform operations of the client or other server A computer system for receiving a request and deriving a result of the operation, or computer software (server program) installed for such a computer system.

In addition to the above-described server program, the server 110 may also include a wide range of application programs (application programs) operating on the server 110 and, in some cases, various databases built in or outside the server 110 It should be understood.

In addition, the server 110 can store and manage content, various information, and data in a database. Here, the database may be implemented inside or outside the server 110.

The server 110 may use a server program that is variously provided according to an operating system such as DOS, Windows, Linux, UNIX, or Macintosh to general server hardware Typical examples include a Web site used in a Windows environment, an Internet Information Server (IIS), Apache, Nginx, and Light HTTP used in a UNIX environment.

The network 130 is a network connecting the server 110 and the terminal 120 and may be a closed network such as a LAN (Local Area Network) or a WAN (Wide Area Network) ). ≪ / RTI > Here, the Internet includes various services existing in the TCP / IP protocol and its upper layers such as HTTP (HyperText Transfer Protocol), Telnet, File Transfer Protocol (FTP), Domain Name System (DNS), Simple Mail Transfer Protocol (SMTP), The global open computer network architecture that provides Simple Network Management Protocol (SNMP), Network File Service (NFS), and Network Information Service (NIS).

In addition, when the terminal 120 includes a mobile terminal such as a smart phone, a tablet PC, a PDA (personal digital assistant), and a mobile communication terminal, the network 130 may be a wireless access network such as a mobile communication network or a WiFi As shown in FIG.

The server or the method for providing authentication processing by the server according to an embodiment of the present invention described with reference to FIGS. 2 to 6 may be a method in which the server 110 or the server 110 provides authentication processing.

2 is a block diagram of a server providing authentication processing according to an embodiment of the present invention.

2, the server 110 may include an authentication screen providing unit 210, a rotating image manipulation information receiving unit 220, an authentication information generating unit 230, an authentication processing unit 240, a service providing control unit 250, and the like. It may include.

The authentication screen providing unit 210 controls the output from the terminal for the authentication screen on which the rotating body image is displayed.

The rotating body image manipulation information receiving unit 220 receives the rotating manipulation information for the rotating body image generated according to the continuously recognized drag signal from the terminal.

Dragging means moving by dragging, for example, on a PC, move the mouse to position the pointer over the image you want to drag, press the button attached to the mouse, and move the pointer to generate a drag signal. As another example of generating a drag signal, a touch pad generates a drag signal by pressing and moving an upper end of an image to be dragged using a finger or the like. The authentication screen providing unit 210 output control of the rotating image to the screen according to the drag signal input to the terminal. Rotating body refers to any shape that can rotate about one axis on the screen.

The authentication information generator 230 determines the rotation history of the rotating body image based on the rotation manipulation information, and generates authentication information based on the identified rotation history.

The rotation history may be information such as a rotation direction, a rotation angle, a position changed direction during rotation, an amount of rotation, and the like recorded with the order of time. However, the present invention is not limited thereto. For example, all the information generated by the rotation of the rotating body image, such as the rotation speed, the number of stops during the rotation, the time during the rotation, and the position during the rotation, may be the rotation history. As another example, as in another embodiment of the present invention, which will be described later with reference to FIG. 5, the characters arranged in the rotating body image staying in a specific area for a predetermined time or more during the rotation of the rotating body image also becomes a rotation history generated during the rotating. As a simple example of the rotation history, the rotational image moving according to the drag signal is rotated two times clockwise and then counterclockwise again.

The authentication information generator 230 generates authentication information according to a rotation history generated while the drag signal is continuously recognized. For example, when a drag signal is generated by a mouse, pressing a button of a mouse to select an image to be dragged, and dragging the image to remove the pressed state of the button again generates a drag signal. It is a process. When the authentication information is generated using the mouse, the authentication information generator 230 rotates the rotation history information of the rotating body image rotated until the mouse button is pressed and a drag signal is input and the pressed state of the mouse button is removed again. Based on this, authentication information is generated.

Since the authentication information generation unit 230 generates authentication information only in a section in which the drag signal is continuously recognized, the authentication information input terminal according to the present invention loses account information due to hacking programs such as keylogs and click screenshots. There is less concern. More specifically, since there is no key press signal like a keyboard, there is no fear of hacking due to the keylog program, and authentication information is generated according to a drag signal without generating a click signal such as a mouse, thereby generating a click signal such as a mouse. Therefore, there is no fear of hacking caused by the click screenshot program that captures the screen and hacks the account information.

The authentication processor 240 performs an authentication process for a service to be provided to the terminal using the authentication information.

In the above, the service provided by the server to the terminal requires user authentication, and an application program (for example, a game) using a user account or a connection service to the server through a user account is typical, but the present invention is limited thereto. It should not be interpreted that all services that provide additional functions to authenticated users after the authentication process are applicable.

The authentication processor 240 may perform the authentication process by comparing the stored reference information with the authentication information and generating an authentication result according to the comparison result.

The service providing control unit 250 controls whether to provide the service according to a result of performing the authentication process for the service to be provided to the terminal.

An example of rotating body image manipulation according to an embodiment of the present invention will be described with reference to FIG. 3.

3 is a diagram exemplarily illustrating an example of a rotating body image related to an authentication process and a user operation according to an embodiment of the present invention.

Referring to FIG. 3, the authentication screen providing unit 210 may output control the authentication screen including the rotating body 300 as shown in FIG. 3A to the terminal.

At this time, the rotating body image 300 may be controlled to be displayed at a random position on the authentication screen. This is to prevent exposure of the input information from a coordinate recognition hacking program that hacks the input information by recognizing specific coordinates and the like in the authentication screen. For example, when a coordinate history such as a pointer is hacked among the operation information on the rotating body image 300 by the coordinate recognition hacking program as described above, the hacker uses the coordinate history of the hacked pointer to transmit to the user's terminal. You will try to operate the same authentication screen. However, since the output position of the rotating body image 300 at the time of hacking differs from the output position of the rotating body image 300 thereafter (when a hacker attempts to perform an authentication process), authentication is successful by past coordinate history. You can't.

When the authentication screen as shown in FIG. 3 (a) is output, the user rotates the rotating body image 300 through a pointing device (for example, a mouse) or a touch (finger contact or pointer contact with the touchpad). Drag In response to the drag signal, the authentication screen providing unit 210 rotates the rotating body image 300 on the authentication screen and outputs the rotated state to the terminal.

After the user drags the rotating body 300 as much as the user wants to input, the drag ends (Fig. 3 (c)). The present invention generates authentication information based on the rotation history of the rotating body image 300 while the drag signal continues. Therefore, the drag signal is disconnected by an operation such as releasing the click button of the pointing device or removing the finger contact from the touch pad, and the subsequent signal does not become the basis of the authentication information.

The embodiment of Figure 3 generates authentication information in the direction of rotation, direction of rotation and amount of rotation. For example, when the user drags the rotating body image on the authentication screen and rotates it anticlockwise, anticlockwise, one wheel, and counterclockwise again, the authentication information generator 230 is 1. Counterclockwise counterclockwise rotation with rotation information, rotation direction switching with 2 rotation information, clockwise rotation with 3 rotation information, rotation direction switching with 4 rotation information, counterclockwise rotation with 5 rotation information Five pieces of rotation information are generated as authentication information.

Receiving the authentication information, the authentication processing unit 240 compares with the previously stored reference information. As a result of the comparison, if the reference information and the authentication information match, an authentication result of authentication success is generated, and a subsequent process is processed to proceed.

The embodiment described with reference to FIG. 3 may be applied only when the rotation amount of the rotating body image 300 determined in the rotating history of the rotating body image 300 is a value proportional to the unit rotational speed in order to further enhance security. Authentication information can be generated. The amount of rotation proportional to the unit rotation speed means that the rotating body image is rotated and returned to its original state. When the angle is displayed, it means that the rotating body image is rotated in multiples of 360 degrees such as 0 degrees, 360 degrees, -360 degrees. By returning the rotating body image to its original state, it is possible to reduce the risk of hacking the rotation history or the authentication information at the rotation angle at the moment of generating the authentication information.

In the above, the server 110 for providing authentication processing according to an embodiment of the present invention has been described. Hereinafter, the method for providing authentication processing by the server 110 according to an embodiment of the present invention will be described. do. The method for providing authentication processing by the server according to an embodiment of the present invention, which will be described later, may be performed by the server 110 according to the embodiment of the present invention shown in FIG. 2.

4 is a flowchart of a method for providing authentication processing according to an embodiment of the present invention.

Referring to FIG. 4, in the method of providing authentication processing, the server 110 may control an output from the terminal for the authentication screen on which the rotating body image is displayed (S410). In this step, the server 110 may control the rotating body image to be displayed at a random position on the authentication screen to enhance security.

The server 110 may receive rotation manipulation information on the rotating body image generated according to the continuously recognized drag signal (S420).

The server 110 may grasp the rotation history of the rotating body image based on the rotation manipulation information, and generate authentication information based on the identified rotation history (S430). In this step, the server 110 generates the authentication information based on one or more of the rotation direction, rotation angle, rotation direction change and rotation amount for the rotation image identified in the rotation history of the rotation image. Can be. The server 110 may generate the authentication information only when the rotation amount of the rotating body image determined from the rotating history of the rotating body image is a value proportional to the unit rotational speed.

The server 110 may perform an authentication process for a service to be provided to the terminal using the authentication information (S440, authentication processing step). In this step, the server 110 may perform the authentication process by comparing the stored reference information with the authentication information and generating an authentication result according to the comparison result.

After the authentication processing step S440, the server 110 may control whether to provide the service according to a result of performing the authentication processing on the service to be provided to the terminal (S450).

In the above description, the method for providing authentication processing by the server according to an embodiment of the present invention may be interpreted as being performed by the same procedure as in FIG. 4, but this is only for convenience of description and does not depart from the essential concept of the present invention. As long as it does not, the implementation procedure of each step may be changed, two or more steps may be integrated, or one step may be performed in two or more steps depending on the implementation manner.

Another example of the server 110 of the system 100 according to an embodiment of the present invention described with reference to FIG. 1 will be described with reference to FIGS. 5 and 6.

5 is a view showing another example of a rotating body image related to the authentication process according to an embodiment of the present invention and the user operation according to it.

Referring to FIG. 5, in the server 110 according to an embodiment of the present invention, the authentication screen providing unit 210 includes a plurality of characters arranged around the rotating body image 500 as shown in FIG. Control output from the terminal for the displayed authentication screen.

The rotating body image manipulation information receiving unit 220 receives rotation manipulation information on the rotating body image 500 generated according to a continuously recognized drag signal from the terminal.

The authentication information generation unit 230 determines the rotation history of the rotating body image 500 based on the rotation manipulation information, and generates authentication information based on the determined rotation history, If the area in which the specific letter is displayed among the plurality of characters by rotation rotates or overlaps with the preset authentication area and satisfies the conditions for staying in the authentication area for a predetermined time, the specific character is determined as an input character, and the specific character is inputted. The authentication information is generated by combining specific characters determined as input characters by repeating the determination as a character one or more times.

Referring to FIG. 5, the rotating body image 500 is selected in FIG. 5A, and the character 10 530 stays in the authentication area 520 according to the rotation manipulation information as shown in FIG. 5B. If the time lasts for a predetermined time (for example, 0.5 seconds) or more, the authentication information generator 230 first determines 10 as an input character. After that, if the rotating body image is rotated so that the text 4 540 stays in the authentication area 520 for a predetermined time or more, the authentication information generator 230 determines 4 as an input text. The process of determining input characters may be repeated to further determine input characters, and the authentication information generator 230 generates the authentication information by combining the determined input characters.

Since the authentication information generation unit 230 generates authentication information only in a section in which the drag signal is continuously recognized, the authentication information input terminal according to the present invention loses account information due to hacking programs such as keylogs and click screenshots. There is less concern. More specifically, since there is no key press signal like a keyboard, there is no fear of hacking due to the keylog program, and authentication information is generated according to a drag signal without generating a click signal such as a mouse, thereby generating a click signal such as a mouse. Therefore, there is no fear of hacking caused by the click screenshot program that captures the screen and hacks the account information.

In order to further enhance security, the authentication screen providing unit 210 may randomly control one or more of the display position, type and number of the plurality of characters displayed around the rotating body image 500. The authentication information generation unit 230 may change the location of the authentication area after the input character is determined or after generating the authentication information.

In addition, the authentication screen providing unit 210 arranges the drag point 510 in the remaining region other than the region where the plurality of characters are displayed on the rotating body image 500, and is dragged through the drag point 510 Only the rotating body image 500 can be rotated. Referring to FIG. 5, as shown in FIG. 5A, the drag point 510 is selected to rotate the rotating body image 500. By generating authentication information without directly selecting a character to be input with a pointer or the like, security of the authentication information is enhanced.

In addition, the authentication screen providing unit 210 determines the specific character as an input character only after satisfying a drag point return condition for returning to the position where the drag point 510 is initially disposed after the authentication area stay condition is satisfied. Can be. Referring to FIG. 5, the drag point 510 is selected as shown in FIG. 5A, and the rotatable image 500 is rotated as shown in FIG. 5B to stay in the authentication area for the character 10 530. After the condition is satisfied, 10 is determined as the input character for the character 10 only when the drag point return condition is satisfied by rotating the rotating body image 500 again to the position as shown in FIG. By matching the state before and after determining the input character and determining what the input character will be in the middle, it is possible to reduce the information exposure to the authentication information and enhance security.

The authentication processor 240 performs an authentication process for a service to be provided to the terminal using the authentication information.

The authentication processing unit 240 may perform the authentication process by comparing the stored reference information and the authentication information and generating an authentication result according to a comparison result, and after the authentication process, the service providing control unit 250 provides the terminal. It is possible to control whether to provide the service according to a result of performing the authentication process for the service to be performed.

In the above, the server 110 for providing authentication processing according to an embodiment of the present invention has been described with another example. Hereinafter, the server 110 according to an embodiment of the present invention provides authentication processing. The method will be described with another example. The method for providing authentication processing by the server according to an embodiment of the present invention, which will be described later, may be performed by the server 110 according to the embodiment of the present invention described with reference to FIGS. 2 and 5.

6 is another flowchart of a method for providing authentication processing according to an embodiment of the present invention.

Referring to FIG. 6, in the method for providing authentication processing, the server 110 may control an output from the terminal for the authentication screen on which the rotating body image is displayed (S610). In this step, the server 110 may control the rotating body image to be displayed at a random position on the authentication screen to enhance security.

The server 110 may receive rotation manipulation information on the rotating body image generated according to a continuously recognized drag signal from the terminal (S620).

The server 110 may grasp the rotation history of the rotating body image based on the rotation manipulation information, and generate authentication information based on the identified rotation history (S630, S640, S650). In this step, when the server 110 satisfies the conditions for staying in the authentication region in which a region in which a specific character is displayed among the plurality of characters is overlapped or overlapped with a preset authentication region and stays for a predetermined time due to the rotation of the rotating body image, If a specific character is determined as an input character (S630), and a drag signal is continuously recognized through the rotation manipulation information (YES in S640), the process of determining the input character is repeated, whereby the authentication area stay condition is determined. Subsequently, if it is further satisfied, one or more other specific characters are further determined as additional input characters (S630 repeated), and when the drag signal is terminated (NO in S640), the input characters and the additional input characters are combined and the Generate authentication information (S650).

The server 110 may perform an authentication process for a service to be provided to the terminal using the authentication information (S660).

In the above description, a method for providing authentication processing by a server according to an embodiment of the present invention may be interpreted as being performed by the same procedure as in FIG. 6, but this is for convenience of description and does not depart from the essential concept of the present invention. As long as it does not, the implementation procedure of each step may be changed, two or more steps may be integrated, or one step may be performed in two or more steps depending on the implementation manner.

In the above description, an embodiment in which authentication processing is performed by the server 110 included in the system 100 according to an embodiment of the present invention has been described. Hereinafter, without interworking with the server 110 or another server, An embodiment in which authentication processing is performed by a terminal will be described. Therefore, the following terminal is different from the terminal 120 of FIG. 1 and described with different reference numerals.

7 is a block diagram of a terminal 700 providing authentication processing according to another embodiment of the present invention.

Referring to FIG. 7, the terminal 700 according to another embodiment of the present invention may include an authentication screen providing unit 710, an authentication information generating unit 720, and an authentication processing unit 730.

The authentication screen providing unit 710 may control to output an authentication screen displaying a rotating body image rotated according to a drag signal. This is similar in function to the authentication screen providing unit 210 described with reference to Figure 2, the authentication screen output to the terminal may be substantially the same.

The authentication information generator 720 may generate authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized. This is similar in function to the authentication information generation unit 230 described with reference to FIG. 2, and generating authentication information based on the rotation history of the rotating body image is identical to the authentication information generation unit 230 described with reference to FIG. 2. May be substantially the same.

The authentication processor 730 may perform an authentication process for an internal terminal function or a service provided from a server by using the authentication information. The authentication processing unit 730 transmits the authentication information to a server that stores the reference information, and performs authentication processing on the terminal internal function or a service provided from the server according to the received authentication result, or the reference information stored therein. And the authentication information may be compared to perform authentication processing for the terminal internal function or a service provided from a server according to the comparison result.

As another embodiment of the present invention, the authentication screen providing unit 710 controls to display a plurality of characters arranged around the rotating body image, and the authentication information generating unit 720 continuously recognizes the drag signal. Authentication information is generated on the basis of the rotation history of the rotating body image generated by the rotation of the rotating body image, the area in which a specific character is displayed of the plurality of characters by overlapping or overlapping with the predetermined authentication area for a predetermined time or more When the conditions of staying in the authentication area for staying are satisfied, the authentication information may be generated by combining the specific characters determined as input characters by repeating the determination of the specific character as an input character one or more times. have.

In the above, the terminal 700 providing authentication processing according to another embodiment of the present invention has been described, and in the following, a method of providing the authentication processing by the terminal 700 according to another embodiment of the present invention will be described. do. The method for providing authentication processing by the terminal according to another embodiment of the present invention, which will be described later, may be performed by the terminal 700 according to another embodiment of the present invention shown in FIG. 7.

8 is a flowchart of a method for providing authentication processing according to another embodiment of the present invention.

Referring to FIG. 8, in the method for providing an authentication process, the terminal 700 may control to output an authentication screen displaying a rotating body image rotated according to a drag signal (S810, providing an authentication screen). Authentication information may be generated based on a rotation history of the rotating body image generated according to the drag signal recognized as (S820, authentication information generation step). In addition, the terminal 700 may perform an authentication process for an internal function of a terminal or a service provided from a server by using the authentication information (S830, authentication processing step).

The authentication processing step (S830) transmits the authentication information to a server storing reference information, and performs authentication processing on the terminal internal function or a service provided from the server according to the received authentication result, or the reference stored therein. The information may be compared with the authentication information to perform authentication processing for the terminal internal function or a service provided from a server according to the comparison result.

In another embodiment of the present invention, in the method for providing authentication processing, the authentication screen providing step (S810) in the terminal 700 controls to display a plurality of characters arranged around the rotating body image, Authentication information generation step (S820) generates authentication information based on the rotation history for the rotating body image generated in accordance with the drag signal continuously recognized, the specific character of the plurality of characters by the rotation of the rotating body image If the displayed area satisfies the conditions for staying in the authentication area that overlaps or overlaps with the predetermined authentication area for a predetermined time, the specific character is determined as the input character, and the specific character is determined as the input character. The authentication information may be generated by combining specific characters determined as letters.

In the above description, a method for providing authentication processing by a terminal according to another embodiment of the present invention may be interpreted as being performed by the same procedure as in FIG. 8, but this is for convenience of description and does not depart from the essential concept of the present invention. As long as it does not, the implementation procedure of each step may be changed, two or more steps may be integrated, or one step may be performed in two or more steps depending on the implementation manner.

The method for providing authentication processing according to the above-described embodiment of the present invention may be an application basically installed in the terminal 700 (which may be a program included in a platform, an operating system, or the like that is basically installed in the terminal). And an application installed by the user directly on the terminal 700 and compatible with the operating system of the terminal 700 through an application providing server such as an application store server, an application, or a web server associated with the corresponding service. That is, it may be executed by a program). Here, the operating system of the terminal 700 is an operating system such as a window or a Macintosh installed in a general PC such as a desktop, or an iOS or Android installed in a mobile terminal such as a smartphone or a tablet PC. It may also be a mobile-only operating system such as).

In this sense, the method for providing authentication processing according to the embodiment of the present invention described above is implemented as an application (ie, a program) basically installed in the terminal 700 or directly installed by a user, It may be recorded on a computer-readable recording medium.

A program implementing the method for providing authentication processing according to an embodiment of the present invention includes an authentication screen providing function for controlling an authentication screen displaying a rotating body image rotated according to a drag signal, and the drag signal continuously recognized. An authentication information generation function for generating authentication information based on a rotation history of the rotating body image generated in accordance with the present invention, and an authentication processing function for performing authentication processing for a service provided from a terminal internal function or a server using the authentication information. And so on. In addition to this, all functions corresponding to the method for providing authentication processing according to the embodiment of the present invention described above with reference to FIGS. 2 to 8 can be executed.

Such a program may be recorded on a recording medium that can be read by a computer and executed by a computer so that the above-described functions can be executed.

As described above, in order to execute a method in which a computer reads a program recorded on a recording medium and provides an authentication process implemented as a program, the above-described program may be read in C, C ++, JAVA, and machine language that can be read by the computer's processor (CPU). It may include a code (Code) coded in a computer language such as.

The code may include a function code related to a function or the like that defines the functions described above and may include an execution procedure related control code necessary for the processor of the computer to execute the functions described above according to a predetermined procedure.

In addition, such code may further include memory reference related code as to what additional information or media needed to cause the processor of the computer to execute the aforementioned functions should be referenced at any location (address) of the internal or external memory of the computer .

In addition, when a processor of a computer needs to communicate with any other computer or server, etc., to perform the above-described functions, the code may be stored in a computer's communication module (e.g., a wired and / ) May be used to further include communication related codes such as how to communicate with any other computer or server in the remote, and what information or media should be transmitted or received during communication.

The functional program for implementing the present invention and the related code and code segment may be implemented by programmers of the technical field of the present invention in consideration of the system environment of the computer that reads the recording medium and executes the program, Or may be easily modified or modified by the user.

Also, the computer-readable recording medium on which the above-described program is recorded may be distributed to a computer system connected via a network so that computer-readable codes can be stored and executed in a distributed manner. In this case, one or more of the plurality of distributed computers may execute some of the functions presented above and send the results of the execution to one or more of the other distributed computers, The computer may also perform some of the functions described above and provide the results to other distributed computers as well.

As described above, a computer-readable recording medium recording a program for executing a method for providing authentication processing according to an embodiment of the present invention may be, for example, a ROM, a RAM, a CD-ROM, a magnetic tape, Floppy disks, optical media storage, and the like.

In addition, a computer-readable recording medium recording an application, which is a program for executing a method for providing authentication processing according to an embodiment of the present invention, may be an application store server, an application, or a web server associated with a corresponding service. It may be a storage medium (for example, a hard disk, etc.) included in an application provider server including a web server, or the like, or may be an application providing server itself, or another computer or a storage medium for recording a program. have.

The computer which can read the recording medium which recorded the application which is a program for implementing the method which provides the authentication process which concerns on one Embodiment of this invention is not only general PCs, such as a desktop or a notebook, but also a smart phone, a tablet PC, It may include mobile terminals such as PDAs (Personal Digital Assistants) and mobile communication terminals, as well as to be interpreted as all computing devices.

If a computer capable of reading a recording medium recording an application, which is a program for executing a method for providing authentication processing according to an embodiment of the present invention, is a smart phone, a tablet PC, a personal digital assistant (PDA) and a mobile communication terminal, etc. In the case of a mobile terminal of the mobile terminal, the mobile terminal may download and install the corresponding application from an application providing server including an application store server, a web server, and the like, and in some cases, a synchronization program after downloading from the application providing server to a general PC. It may be installed in the mobile terminal through.

While the present invention has been described in connection with what is presently considered to be the most practical and preferred embodiments, it is to be understood that the invention is not limited to the disclosed embodiments. In other words, within the scope of the present invention, all of the components may be selectively operated in combination with one or more. In addition, although all of the components may be implemented as one independent hardware, some or all of the components may be selectively combined to perform a part or all of the functions in one or a plurality of hardware. As shown in FIG. Codes and code segments constituting the computer program may be easily inferred by those skilled in the art. Such a computer program may be stored in a computer readable storage medium and read and executed by a computer, thereby implementing embodiments of the present invention. As a storage medium of the computer program, a magnetic recording medium, an optical recording medium, or the like can be included.

It is also to be understood that the terms such as " comprises, "" comprising," or "having ", as used herein, mean that a component can be implanted unless specifically stated to the contrary. But should be construed as including other elements. All terms, including technical and scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs, unless otherwise defined. Commonly used terms, such as predefined terms, should be interpreted to be consistent with the contextual meanings of the related art, and are not to be construed as ideal or overly formal, unless expressly defined to the contrary.

The foregoing description is merely illustrative of the technical idea of the present invention, and various changes and modifications may be made by those skilled in the art without departing from the essential characteristics of the present invention. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The protection scope of the present invention should be interpreted by the following claims, and all technical ideas within the equivalent scope should be interpreted as being included in the scope of the present invention.

Claims (16)

In the method for the server to provide authentication processing,
Providing an authentication screen for controlling an output from the terminal to the authentication screen on which the rotating body image is displayed;
A rotating image manipulation information receiving step of receiving rotation manipulation information on the rotating body image generated according to a continuously recognized drag signal from the terminal;
An authentication information generation step of identifying a rotation history of the rotating body image based on the rotation manipulation information and generating authentication information based on the identified rotation history; And
And an authentication processing step of performing an authentication process on a service for providing to the terminal by using the authentication information. The method of claim 1,
The authentication screen providing step,
And the rotational body image is displayed at a random position on the authentication screen. The method of claim 1,
The authentication information generation step,
The rotation history of the rotating body image is determined based on the rotation manipulation information, and authentication information is generated based on the identified rotation history.
Providing the authentication information based on at least one of a rotation direction, a rotation angle, a rotation direction change, and an amount of rotation of the rotating body image identified in the rotating history of the rotating body image. Way. The method of claim 3,
The authentication information generation step,
And generating the authentication information only when the rotation amount of the rotating body image determined from the rotating history of the rotating body image is a value proportional to the unit rotational speed. The method of claim 1,
The authentication screen providing step,
Control to display a plurality of characters arranged around the rotating body image,
The authentication information generation step,
The rotation history of the rotating body image is determined based on the rotation manipulation information, and authentication information is generated based on the identified rotation history.
When the area in which a specific letter is displayed among the plurality of letters is overlapped or overlapped with a preset authentication area by the rotation of the rotating body image and satisfies the authentication area staying condition for staying for a predetermined time, the specific character is determined as an input letter. And determining the specific character as the input character one or more times to combine the specific characters determined as the input character to generate the authentication information. The method of claim 5,
The authentication screen providing step,
And at least one of the display position, type, and number of the plurality of characters displayed around the rotating body image at random. The method of claim 5,
The authentication information generation step,
And after the input character is determined or after generating the authentication information, changing the position of the authentication area. The method of claim 5,
The authentication screen providing step,
And a drag point is placed on an area other than an area in which the plurality of characters are displayed on the rotating body image, and the rotating body image is rotated only when the dragging point is dragged through the dragging point. 9. The method of claim 8,
The authentication information generation step,
And after the authentication region stay condition is satisfied, the specific character is determined as an input character only if the drag point return condition is further satisfied to return to the position where the drag point was originally placed. Authentication screen providing unit for controlling the output from the terminal for the authentication screen on which the rotating body image is displayed;
A rotating body image manipulation information receiving unit which receives rotational manipulation information on the rotating body image generated according to a continuously recognized drag signal from the terminal;
An authentication information generation unit which grasps a rotation history of the rotating body image based on the rotation manipulation information and generates authentication information based on the identified rotation history; And
And an authentication processing unit for performing an authentication process for a service for providing to the terminal by using the authentication information. The method of claim 10,
The authentication screen providing unit,
Control to display a plurality of characters arranged around the rotating body image,
The authentication information generation unit,
The rotation history of the rotating body image is determined based on the rotation manipulation information, and authentication information is generated based on the identified rotation history.
When the area in which a specific letter is displayed among the plurality of letters is overlapped or overlapped with a preset authentication area by the rotation of the rotating body image and satisfies the authentication area staying condition for staying for a predetermined time, the specific character is determined as an input letter. And determining the specific character as the input character one or more times to combine the specific characters determined as the input character to generate the authentication information. In the method for the terminal to provide authentication processing,
Providing an authentication screen for controlling an output of an authentication screen displaying a rotating body image rotated according to a drag signal;
An authentication information generation step of generating authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized; And
And an authentication processing step of performing an authentication process on a terminal internal function or a service provided from a server by using the authentication information. The method of claim 12,
The authentication screen providing step,
Control to display a plurality of characters arranged around the rotating body image,
The authentication information generation step,
Generate authentication information based on the rotation history of the rotating body image generated according to the drag signal continuously recognized,
When the area in which a specific letter is displayed among the plurality of letters is overlapped or overlapped with a preset authentication area by the rotation of the rotating body image and satisfies the authentication area staying condition for staying for a predetermined time, the specific character is determined as an input letter. And determining the specific character as the input character one or more times to combine the specific characters determined as the input character to generate the authentication information. An authentication screen providing unit configured to control an output of an authentication screen displaying a rotating body image rotated according to a drag signal;
An authentication information generation unit generating authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized; And
And an authentication processor configured to perform an authentication process on a terminal internal function or a service provided from a server by using the authentication information. 15. The method of claim 14,
The authentication screen providing unit,
Control to display a plurality of characters arranged around the rotating body image,
The authentication information generation unit,
Generate authentication information based on the rotation history of the rotating body image generated according to the drag signal continuously recognized,
When the area in which a specific letter is displayed among the plurality of letters is overlapped or overlapped with a preset authentication area by the rotation of the rotating body image and satisfies the authentication area staying condition for staying for a predetermined time, the specific character is determined as an input letter. And determining the specific character as the input character one or more times to combine the specific characters determined as the input character to generate the authentication information. A recording medium having recorded thereon a program for executing a method for providing authentication processing,
An authentication screen providing function of controlling an output of an authentication screen displaying a rotating body image rotated according to a drag signal;
An authentication information generation function for generating authentication information based on a rotation history of the rotating body image generated according to the drag signal continuously recognized; And
A computer-readable recording medium having recorded thereon a program that implements an authentication processing function for performing authentication processing on a terminal internal function or a service provided from a server using the authentication information.

Images